[#61822] Plan Developers Meeting Japan April 2014 — Zachary Scott <e@...>
I would like to request developers meeting around April 17 or 18 in this mo=
14 messages
2014/04/03
[#61825] Re: Plan Developers Meeting Japan April 2014
— Urabe Shyouhei <shyouhei@...>
2014/04/03
It's good if we have a meeting then.
[#61826] Re: Plan Developers Meeting Japan April 2014
— Zachary Scott <e@...>
2014/04/03
Regarding openssl issues, I=E2=80=99ve discussed possible meeting time with=
[#61833] Re: Plan Developers Meeting Japan April 2014
— Martin Bo煬et <martin.bosslet@...>
2014/04/03
Hi,
[#61847] Re: Plan Developers Meeting Japan April 2014
— Eric Wong <normalperson@...>
2014/04/03
Martin Boテ殕et <[email protected]> wrote:
[#61849] Re: Plan Developers Meeting Japan April 2014
— Zachary Scott <e@...>
2014/04/04
I will post summary of meeting on Google docs after the meeting.
[#61852] Re: Plan Developers Meeting Japan April 2014
— Eric Wong <normalperson@...>
2014/04/04
Zachary Scott <[email protected]> wrote:
[#61860] Re: Plan Developers Meeting Japan April 2014
— Zachary Scott <e@...>
2014/04/04
I=E2=80=99m ok with redmine, thanks for bringing up your concern!
[#62076] Candidacy to 2.1 branch maintainer. — Tomoyuki Chikanaga <nagachika00@...>
Hello,
7 messages
2014/04/17
[#62078] Re: Candidacy to 2.1 branch maintainer.
— SHIBATA Hiroshi <shibata.hiroshi@...>
2014/04/17
> And does anyone have counter proposal for 2.1 maintenance?
[ruby-core:62052] [ruby-trunk - Bug #8543] rb_iseq_load
From:
billk@...
Date:
2014-04-16 10:21:56 UTC
List:
ruby-core #62052
Issue #8543 has been updated by B Kelly.
File iseq-load-test3.rb added
File iseq-load-test3-file.rb added
Hello again,
The attached files comprise a small example which appears to consistently
reproduce a segmentation fault with rb_iseq_load.
Interpreter is: ruby 2.2.0dev (2014-04-16 trunk 45597) [i386-mswin32_100]
The crash appears related to the case statement.
~~~
Call stack:
The st_table pointer at st_foreach_check is bad:
msvcr100-ruby220.dll!st_foreach_check(st_table * table=0x00000008, int (void)* func=0x0f3f3580, unsigned long arg=4512588, unsigned long never=6) Line 891 + 0x3 bytes C
msvcr100-ruby220.dll!hash_foreach_call(unsigned long arg=4512588) Line 258 + 0x17 bytes C
msvcr100-ruby220.dll!rb_ensure(unsigned long (void)* b_proc=0x0f3f3530, unsigned long data1=4512588, unsigned long (void)* e_proc=0x0f3f3480, unsigned long data2=10318080) Line 888 + 0x7 bytes C
msvcr100-ruby220.dll!rb_hash_foreach(unsigned long hash=10318080, int (void)* func=0x0f45ac20, unsigned long farg=4512696) Line 275 + 0x17 bytes C
> msvcr100-ruby220.dll!iseq_set_sequence(rb_iseq_struct * iseq=0x00d279b0, iseq_link_anchor * anchor=0x0044dd58) Line 1507 + 0x12 bytes C
msvcr100-ruby220.dll!iseq_setup(rb_iseq_struct * iseq=0x00d279b0, iseq_link_anchor * anchor=0x0044dd58) Line 1026 + 0xd bytes C
msvcr100-ruby220.dll!iseq_build_from_ary_body(rb_iseq_struct * iseq=0x00d279b0, iseq_link_anchor * anchor=0x0044dd58, unsigned long body=10318900, st_table * labels_table=0x00d27d10) Line 5855 + 0xd bytes C
msvcr100-ruby220.dll!rb_iseq_build_from_ary(rb_iseq_struct * iseq=0x00d279b0, unsigned long locals=10320520, unsigned long args=5, unsigned long exception=10320460, unsigned long body=10318900) Line 5932 + 0x15 bytes C
msvcr100-ruby220.dll!iseq_load(unsigned long self=10542580, unsigned long data=10320540, unsigned long parent=10318300, unsigned long opt=4) Line 561 + 0x19 bytes C
msvcr100-ruby220.dll!rb_iseq_load(unsigned long data=10320540, unsigned long parent=10318300, unsigned long opt=4) Line 582 + 0x17 bytes C
msvcr100-ruby220.dll!iseq_build_load_iseq(rb_iseq_struct * iseq=0x00d27500, unsigned long op=10320540) Line 5701 + 0x15 bytes C
msvcr100-ruby220.dll!iseq_build_from_ary_body(rb_iseq_struct * iseq=0x00d27500, iseq_link_anchor * anchor=0x0044dfd4, unsigned long body=10318680, st_table * labels_table=0x00d27860) Line 5816 + 0x13 bytes C
msvcr100-ruby220.dll!rb_iseq_build_from_ary(rb_iseq_struct * iseq=0x00d27500, unsigned long locals=10320900, unsigned long args=3, unsigned long exception=10320840, unsigned long body=10318680) Line 5932 + 0x15 bytes C
msvcr100-ruby220.dll!iseq_load(unsigned long self=10542580, unsigned long data=10320920, unsigned long parent=10318380, unsigned long opt=4) Line 561 + 0x19 bytes C
msvcr100-ruby220.dll!rb_iseq_load(unsigned long data=10320920, unsigned long parent=10318380, unsigned long opt=4) Line 582 + 0x17 bytes C
msvcr100-ruby220.dll!iseq_build_load_iseq(rb_iseq_struct * iseq=0x00d27110, unsigned long op=10320920) Line 5701 + 0x15 bytes C
msvcr100-ruby220.dll!iseq_build_from_ary_body(rb_iseq_struct * iseq=0x00d27110, iseq_link_anchor * anchor=0x0044e250, unsigned long body=10318560, st_table * labels_table=0x00d27470) Line 5783 + 0xd bytes C
msvcr100-ruby220.dll!rb_iseq_build_from_ary(rb_iseq_struct * iseq=0x00d27110, unsigned long locals=10321160, unsigned long args=1, unsigned long exception=10321100, unsigned long body=10318560) Line 5932 + 0x15 bytes C
msvcr100-ruby220.dll!iseq_load(unsigned long self=10542580, unsigned long data=10321180, unsigned long parent=10318460, unsigned long opt=4) Line 561 + 0x19 bytes C
msvcr100-ruby220.dll!rb_iseq_load(unsigned long data=10321180, unsigned long parent=10318460, unsigned long opt=4) Line 582 + 0x17 bytes C
msvcr100-ruby220.dll!iseq_build_load_iseq(rb_iseq_struct * iseq=0x00d25c08, unsigned long op=10321180) Line 5701 + 0x15 bytes C
msvcr100-ruby220.dll!iseq_build_from_ary_body(rb_iseq_struct * iseq=0x00d25c08, iseq_link_anchor * anchor=0x0044e4cc, unsigned long body=10318500, st_table * labels_table=0x00d25f68) Line 5783 + 0xd bytes C
msvcr100-ruby220.dll!rb_iseq_build_from_ary(rb_iseq_struct * iseq=0x00d25c08, unsigned long locals=10339520, unsigned long args=1, unsigned long exception=10339460, unsigned long body=10318500) Line 5932 + 0x15 bytes C
msvcr100-ruby220.dll!iseq_load(unsigned long self=10542580, unsigned long data=10339540, unsigned long parent=0, unsigned long opt=4) Line 561 + 0x19 bytes C
msvcr100-ruby220.dll!iseq_s_load(int argc=1, unsigned long * argv=0x0057005c, unsigned long self=10542580) Line 576 + 0x13 bytes C
msvcr100-ruby220.dll!call_cfunc_m1(unsigned long (void)* func=0x0f443b50, unsigned long recv=10542580, int argc=1, const unsigned long * argv=0x0057005c) Line 1330 + 0xf bytes C
msvcr100-ruby220.dll!vm_call_cfunc_with_frame(rb_thread_struct * th=0x00c15588, rb_control_frame_struct * reg_cfp=0x005eff80, rb_call_info_struct * ci=0x00cdcfc0) Line 1502 + 0x20 bytes C
msvcr100-ruby220.dll!vm_call_cfunc(rb_thread_struct * th=0x00c15588, rb_control_frame_struct * reg_cfp=0x005eff80, rb_call_info_struct * ci=0x00cdcfc0) Line 1592 + 0x11 bytes C
msvcr100-ruby220.dll!vm_call_method(rb_thread_struct * th=0x00c15588, rb_control_frame_struct * cfp=0x005eff80, rb_call_info_struct * ci=0x00cdcfc0) Line 1786 + 0x11 bytes C
msvcr100-ruby220.dll!vm_call_general(rb_thread_struct * th=0x00c15588, rb_control_frame_struct * reg_cfp=0x005eff80, rb_call_info_struct * ci=0x00cdcfc0) Line 1941 + 0x11 bytes C
msvcr100-ruby220.dll!vm_exec_core(rb_thread_struct * th=0x00c15588, unsigned long initial=0) Line 1028 + 0x1a bytes C
msvcr100-ruby220.dll!vm_exec(rb_thread_struct * th=0x00c15588) Line 1328 + 0xd bytes C
msvcr100-ruby220.dll!invoke_block_from_c(rb_thread_struct * th=0x00c15588, const rb_block_struct * block=0x005effe0, unsigned long self=10187260, int argc=1, const unsigned long * argv=0x0044f0ec, const rb_block_struct * blockptr=0x00000000, const RNode * cref=0x00000000, unsigned long defined_class=4, int splattable=1) Line 752 + 0x9 bytes C
msvcr100-ruby220.dll!vm_yield(rb_thread_struct * th=0x00c15588, int argc=1, const unsigned long * argv=0x0044f0ec) Line 784 + 0x28 bytes C
msvcr100-ruby220.dll!rb_yield_0(int argc=1, const unsigned long * argv=0x0044f0ec) Line 936 + 0x13 bytes C
msvcr100-ruby220.dll!rb_yield(unsigned long val=10340180) Line 946 + 0xb bytes C
msvcr100-ruby220.dll!rb_ary_each(unsigned long array=10342440) Line 1806 + 0x2f bytes C
msvcr100-ruby220.dll!call_cfunc_0(unsigned long (void)* func=0x0f3cd6b0, unsigned long recv=10342440, int argc=0, const unsigned long * argv=0x00570040) Line 1336 + 0x7 bytes C
msvcr100-ruby220.dll!vm_call_cfunc_with_frame(rb_thread_struct * th=0x00c15588, rb_control_frame_struct * reg_cfp=0x005effd0, rb_call_info_struct * ci=0x00cdc5a8) Line 1502 + 0x20 bytes C
msvcr100-ruby220.dll!vm_call_cfunc(rb_thread_struct * th=0x00c15588, rb_control_frame_struct * reg_cfp=0x005effd0, rb_call_info_struct * ci=0x00cdc5a8) Line 1592 + 0x11 bytes C
msvcr100-ruby220.dll!vm_call_method(rb_thread_struct * th=0x00c15588, rb_control_frame_struct * cfp=0x005effd0, rb_call_info_struct * ci=0x00cdc5a8) Line 1786 + 0x11 bytes C
msvcr100-ruby220.dll!vm_call_general(rb_thread_struct * th=0x00c15588, rb_control_frame_struct * reg_cfp=0x005effd0, rb_call_info_struct * ci=0x00cdc5a8) Line 1941 + 0x11 bytes C
msvcr100-ruby220.dll!vm_exec_core(rb_thread_struct * th=0x00c15588, unsigned long initial=0) Line 999 + 0x1a bytes C
msvcr100-ruby220.dll!vm_exec(rb_thread_struct * th=0x00c15588) Line 1328 + 0xd bytes C
msvcr100-ruby220.dll!rb_iseq_eval_main(unsigned long iseqval=10505960) Line 1586 + 0x9 bytes C
msvcr100-ruby220.dll!ruby_exec_internal(void * n=0x00a04ee8) Line 254 + 0x46 bytes C
msvcr100-ruby220.dll!ruby_exec_node(void * n=0x00a04ee8) Line 316 + 0x9 bytes C
msvcr100-ruby220.dll!ruby_run_node(void * n=0x00a04ee8) Line 308 + 0x9 bytes C
ruby_t.exe!main(int argc=3, char * * argv=0x00c115b8) Line 36 + 0x16 bytes C
ruby_t.exe!__tmainCRTStartup() Line 555 + 0x17 bytes C
In the iseq_set_sequence above marked by ">", the bad hash value was
fetched from operands[j]:
case TS_CDHASH:
{
VALUE map = operands[j];
struct cdhash_set_label_struct data;
data.hash = map;
data.pos = pos;
data.len = len;
rb_hash_foreach(map, cdhash_set_label_i, (VALUE)&data);
hide_obj(map);
generated_iseq[pos + 1 + j] = map;
break;
}
And the iobj->insn_id is consistently YARVINSN_opt_case_dispatch:
iobj 0x00d27c6c {link={...} insn_id=YARVINSN_opt_case_dispatch line_no=5 ...} iseq_insn_data *
link {type=ISEQ_ELEMENT_INSN next=0x00d27c8c prev=0x00d27ba4 } iseq_link_element
insn_id YARVINSN_opt_case_dispatch ruby_vminsn_type
line_no 5 unsigned int
operand_size 2 int
sc_state 0 int
~~~
I had invoked the program with --disable-gems for simplicity, however
the crash occurs either way.
If there's any further information I could provide please let me know.
Thanks for your help!
Regards,
Bill
----------------------------------------
Bug #8543: rb_iseq_load
https://bugs.ruby-lang.org/issues/8543#change-46227
* Author: Alexey Voskov
* Status: Open
* Priority: Low
* Assignee: Koichi Sasada
* Category: YARV
* Target version: current: 2.2.0
* ruby -v: ruby 2.0.0p234 (2013-06-19 revision 41434) [x86_64-darwin11.4.2]
* Backport: 1.9.3: DONTNEED, 2.0.0: REQUIRED
----------------------------------------
I noticed an unusual behaviour of undocumented rb_iseq_load function.
Its work differs in different Ruby versions. I'm trying to protect some Ruby
source code by its conversion to YARV p-code and using the next strategy:
1) Convert code to array
data = RubyVM::InstructionSequence.compile_file('hello.rb').to_a
2) Pass a compiled source to the rb_iseq_load function and evaluate it
iseq = iseq_load.(data)
iseq.eval
Sample programs are supplied in the attachments.
"hello.rb"
---------------------------
puts "tralivali"
def funct(a,b)
a**b
end
3.times { |i|
puts "Hello, world#{funct(2,i)}!"
}
------------------------
The differences
Ruby 1.9.3 (ruby 1.9.3p194 (2012-04-20) [i386-mingw32])
Correct work. Output:
-------------------------
tralivali
Hello, world1!
Hello, world2!
Hello, world4!
--------------------
Ruby 2.0.0 (ruby 2.0.0p193 (2013-05-14) [x64-mingw32])
Incorrect work (omits the code inside code blocks). Output
-------------------------
tralivali
-------------------------
Attempts of loading bigger programs by means of rb_iseq_load in Ruby 2.0.0 usually ends with a segmentation fault.
Such behaviour also can be reproduced by means of iseq Ruby extension ("for iseq freaks")
https://github.com/wanabe/iseq
P.S. I understand that it is an undocumented feature.
---Files--------------------------------
hello.rb (102 Bytes)
rb_pack.rb (931 Bytes)
iseq-load-test3.rb (210 Bytes)
iseq-load-test3-file.rb (369 Bytes)
--
https://bugs.ruby-lang.org/